Picture this—it’s Monday morning and you show up at your shop, everything is looking great for the week. You have a monumental event planned and you cannot wait to see the amount of sales and loans the week coming up has in store. You get your shop set up and ready to go, you start to disburse the cash drawers to your employees… and your computer won’t unlock. You try logging again and still nothing. You check another computer, it’s not working either. This never happens! Nothing is working as it should, something’s up. You quickly resort to taking cash payments and sales as everyone works to figure out what the issue is. Then it happens—you get an email on your phone from a strange address telling you that your computer files are locked, and to get them back you must pay $15,000 for the passcode. You have 72 hours to pay the fee or your files are gone.
This may sound like something from a blockbuster techno-thriller, but this is a real issue that plays out every day in small businesses. People like to think their business is protected by using free malware and antispyware programs that they downloaded online. Even though updates on most security programs are kept up on a regular basis, it’s not enough to protect against a ransomware attack. These attacks are initiated as easily as sending out an email and having someone click the link, and sophisticated hackers will scan a network looking for any opening in the system they can attack. Currently, 22% of businesses that are attacked with ransomware are crippled to the point that they have to close permanently. The average cost for a small business to recover from an attack can be upwards of $2 Million, including lost assets and business. While these numbers are staggering, there are practical ways that you can protect yourself and your business.
Training is one of the most important parts of fending off a ransomware or cyber-attack. Always train you employees to never click on attachments in emails from senders they don’t know or recognize. If there’s a possibility that the email could be real, call the company that sent it to make sure—it’s always better to ask than to be sorry. Employees need to be trained to staff off sites that they know they should not be visiting, or clicking on pop-ups that come up on some sites. Computer etiquette is one of the easier and most cost-effective ways to protect yourself from cyber-attacks against your business.
The next step in protecting your business is to have a trained IT specialist like myself come in and evaluate your network and your needs in order to secure your business. While there is an upfront cost to this, in the end it’s cheaper than having to pay for someone to come in during or after an attack. When the IT specialist comes to your shop, they will be able to identify which areas need to be addressed first and which areas will need to be addressed as time continues. This evaluation should include checks into your antispyware and antimalware programs, wireless setup, your business network, and backup and recovery needs to ensure that everything is always running smoothly for you. The upfront cost of this kind of service is minimal compared to having a professional come in during an attack—the cost of an IT person can easily triple from normal cost during an active cyber-attack.
It’s unfortunate, but these are matters that we must think about on a constant basis in the business world today. With the right training and right setup, a lot of these issues can be avoided and the risk of doing business in the digital age is greatly reduced. You do not want to be the company that waits to react to a situation—be a leader and be proactive. Contact me today to get a review of your network, security practices, and disaster recovery options to ensure that your business doesn’t fail due to a cyber attack that could have been avoided.